From: Greg Hudson <ghudson@mit.edu>
Date: Sun, 4 Apr 2010 20:18:12 +0000 (+0000)
Subject: Add krb5_tkt_creds_get().  Still untested
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=4902baf5124d10a8fb5d770e4a0546ecf1e4f09e;p=thirdparty%2Fkrb5.git

Add krb5_tkt_creds_get().  Still untested

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/iakerb@23857 dc483132-0cff-0310-8789-dd5450dbe970
---

diff --git a/src/include/krb5/krb5.hin b/src/include/krb5/krb5.hin
index 2f4488ecef..9eb734b0fb 100644
--- a/src/include/krb5/krb5.hin
+++ b/src/include/krb5/krb5.hin
@@ -2416,6 +2416,9 @@ krb5_error_code KRB5_CALLCONV
 krb5_tkt_creds_init(krb5_context context, krb5_ccache ccache,
                     krb5_creds *creds, int kdcopt, krb5_tkt_creds_context *ctx);
 
+krb5_error_code KRB5_CALLCONV
+krb5_tkt_creds_get(krb5_context context, krb5_tkt_creds_context ctx);
+
 krb5_error_code KRB5_CALLCONV
 krb5_tkt_creds_get_creds(krb5_context context, krb5_tkt_creds_context ctx,
                          krb5_creds *creds);
diff --git a/src/lib/krb5/krb/gc_frm_kdc_step.c b/src/lib/krb5/krb/gc_frm_kdc_step.c
index 882707fe97..f1f0f59e6d 100644
--- a/src/lib/krb5/krb/gc_frm_kdc_step.c
+++ b/src/lib/krb5/krb/gc_frm_kdc_step.c
@@ -394,7 +394,6 @@ try_fallback_realm(krb5_context context, krb5_tkt_creds_context ctx)
 {
     krb5_error_code code;
     char **hrealms;
-    krb5_creds *server_tgt;
 
     if (ctx->server->length < 2) {
         /* We need a type/host format principal to find a fallback realm. */
@@ -849,7 +848,6 @@ begin_get_tgt(krb5_context context, krb5_tkt_creds_context ctx)
 static krb5_error_code
 begin(krb5_context context, krb5_tkt_creds_context ctx)
 {
-    krb5_creds *server_tgt;
     krb5_error_code code;
 
     /* If the server realm is unspecified, start with the client realm. */
@@ -954,6 +952,42 @@ krb5_tkt_creds_free(krb5_context context, krb5_tkt_creds_context ctx)
     free(ctx);
 }
 
+krb5_error_code
+krb5_tkt_creds_get(krb5_context context, krb5_tkt_creds_context ctx)
+{
+    krb5_error_code code;
+    krb5_data request = empty_data(), reply = empty_data();
+    krb5_data realm = empty_data();
+    unsigned int flags = 0;
+    int tcp_only = 0, use_master;
+
+    for (;;) {
+        /* Get the next request and realm.  Turn on TCP if necessary. */
+        code = krb5_tkt_creds_step(context, ctx, &reply, &request, &realm,
+                                   &flags);
+        if (code == KRB5KRB_ERR_RESPONSE_TOO_BIG && !tcp_only)
+            tcp_only = 1;
+        else if (code != 0 || (flags & 1) == 0)
+            break;
+        krb5_free_data_contents(context, &reply);
+
+        /* Send it to a KDC for the appropriate realm. */
+        use_master = 0;
+        code = krb5_sendto_kdc(context, &request, &realm,
+                               &reply, &use_master, tcp_only);
+        if (code != 0)
+            break;
+
+        krb5_free_data_contents(context, &request);
+        krb5_free_data_contents(context, &realm);
+    }
+
+    krb5_free_data_contents(context, &request);
+    krb5_free_data_contents(context, &reply);
+    krb5_free_data_contents(context, &realm);
+    return code;
+}
+
 krb5_error_code KRB5_CALLCONV
 krb5_tkt_creds_step(krb5_context context, krb5_tkt_creds_context ctx,
                     krb5_data *in, krb5_data *out, krb5_data *realm,